PhD Defense: Efficient Data-Oblivious Computation

Kartik Nayak
06.08.2018 10:00 to 12:00
AVW 3460

The rapid increase in the amount of data stored by cloud servers has resulted in growing privacy concerns for users. First, keeping data encrypted at all times is an attractive approach to privacy; however, encryption may preclude mining and learning useful patterns from data. Second, companies are unable to distribute proprietary programs to other parties without risking the loss of their private code when those programs are reverse engineered. A challenge underlying both those problems is that how data is accessed -- even when that data is encrypted -- can leak secret information.Oblivious RAM is a well studied cryptographic primitive that can be used to solve the underlying challenge of hiding data access patterns. In this dissertation, we improve Oblivious RAMs and oblivious algorithms asymptotically. We then show how to apply our novel oblivious algorithms to build systems that enable privacy-preserving computation on encrypted data and program obfuscation.Specifically, the first part of this dissertation shows two efficient Oblivious RAM algorithms: 1) The first algorithm achieves sub-logarithmic bandwidth blowup while only incurring an inexpensive XOR computation for performing PIR operations. We also show a lower bound for combining Oblivious RAMs with PIR operations, and 2) The second algorithm is the first perfectly-secure Oblivious Parallel RAM with $O(\log^3 N)$ bandwidth blowup, $O((\log m + \log \log N) \log N)$ depth blowup, and $O(1)$ space blowup when the PRAM has $m$ CPUs and stores $N$ blocks of data. The second part of this dissertation describes two systems -- HOP and GraphSC -- to address the problem of computing on private data and the distribution of proprietary programs. HOP is a system that achieves simulation-secure obfuscation of RAM programs assuming secure hardware. It is the first prototype implementation of a provably secure virtual black-box (VBB) obfuscation scheme in any model under any assumptions. GraphSC is a system that allows cloud servers to run a class data-mining and machine-learning algorithms over users' data without learning anything about that data. GraphSC brings efficient, parallel secure computation to programmers by allowing them to express computation tasks using the GraphLab abstraction. It is backed by the \emph{first} non-trivial parallel oblivious algorithms that outperform generic Oblivious RAMs.

Examining Committee:

Chair: Dr. Jonathan Katz Co-Chair: Dr. Elaine Shi Dean's rep: Dr. Lawrence Washington Members: Dr. Michael Hicks Dr. Charalampos Papamanthou